2.0 KiB
Authentication and Authorisation
@NAVIGATE_DbaManualAuthentication @EMBEDTOC{DbaManualAuthenticationTOC}
Authentication and Authorisation
ArangoDB only provides a very simple authentication interface and no authorisation. We plan to add authorisation features in later releases, which will allow the administrator to restrict access to collections and queries to certain users, given them either read or write access.
Currently, you can only secure the access to ArangoDB in an all-or-nothing
fashion. The collection _users contains all users and a salted SHA256 hash
of their passwords. A user can be active or inactive. A typical document of this
collection is
@EXAMPLE_ARANGOSH_OUTPUT{AuthenticationExample1} db._users.firstExample("user", "root") @END_EXAMPLE_ARANGOSH_OUTPUT
Command-Line Options for the Authentication and Authorisation
@copydetails triagens::rest::ApplicationEndpointServer::_disableAuthentication
Introduction to User Management
ArangoDB provides basic functionality to add, modify and remove
database users programmatically. The following functionality is
provided by the users module and can be used from inside arangosh
and arangod.
Please note that this functionality is not available from within the web interface.
@anchor UserManagementSave @copydetails JSF_saveUser
@CLEARPAGE @anchor UserManagementDocument @copydetails JSF_documentUser
@CLEARPAGE @anchor UserManagementReplace @copydetails JSF_replaceUser
@CLEARPAGE @anchor UserManagementUpdate @copydetails JSF_updateUser
@CLEARPAGE @anchor UserManagementRemove @copydetails JSF_removeUser
@CLEARPAGE @anchor UserManagementReload @copydetails JSF_reloadUsers